package com.sfac.config.shiro;

import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.sfac.modules.account.domain.Resources;
import com.sfac.modules.account.domain.Role;
import com.sfac.modules.account.domain.User;
import com.sfac.modules.account.domain.UserRole;
import com.sfac.modules.account.mapper.RoleMapper;
import com.sfac.modules.account.mapper.UserRoleMapper;
import com.sfac.modules.account.service.ResourceService;
import com.sfac.modules.account.service.RoleService;
import com.sfac.modules.account.service.UserService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import java.util.ArrayList;
import java.util.List;


/**
 * @Author:唐琳的爹
 * @BelongsProject:hqyj_springboot
 * @BelongsPackage:com.sfac.config.shiro
 * @CreateTime:2022/8/31 09:41:00
 */
@Component
public class MyRealm extends AuthorizingRealm {

    @Autowired
    private UserService userService;
    @Autowired
    private RoleMapper roleMapper;
    @Autowired
    private ResourceService resourceService;
    @Autowired
    private UserRoleMapper userRoleMapper;


    // 授权
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {

        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();

        // 从认证中获取当前信息
        User user = (User)principalCollection.getPrimaryPrincipal();
        // 从数据中查询当前的角色列表(并装载到资源授权器中)
        LambdaQueryWrapper<UserRole> lqw = new LambdaQueryWrapper<>();
        lqw.eq(UserRole::getUserId,user.getId());
        List<UserRole> userRoles = userRoleMapper.selectList(lqw);

        List<Role> roles = new ArrayList<>();
        userRoles.stream().forEach(ur ->{
            roles.add(roleMapper.selectById(ur.getRoleId()));
        });
        roles.stream().forEach(item ->{
            authorizationInfo.addRole(item.getRoleName());

            List<Resources> resources = resourceService.getResourcesByRoleId(item.getId());
            resources.stream().forEach(it ->{
                authorizationInfo.addStringPermission(it.getUrl());
            });
        });

        // 再去查询每个劫色拥有的资源列表,并装载到资源授权器里
        return authorizationInfo;
    }


    // 认证
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        // 获取用户名
        String userName = (String) authenticationToken.getPrincipal();
        // 通过用户名查询数据库的user信息
        User user = userService.getUserByUserName(userName);
        if (user == null){
            throw new UnknownAccountException("用户不存在!");
        }
        // 封装身份认证器
        return new SimpleAuthenticationInfo(user,user.getPassWord(),getName());
    }
}
